
Follow up for #2713 - Content Security Policy allows embedded content from YouTube and Vimeo.

Mantas Masalskis 5 years ago
parent
commit
3c73022272

+ 1 - 1
app/assets/javascripts/app/controllers/knowledge_base/reader_controller.coffee

@@ -115,7 +115,7 @@ class App.KnowledgeBaseReaderController extends App.Controller
       # coffeelint: disable=indentation
       url = switch settings.provider
             when 'youtube'
-              "http://www.youtube.com/embed/#{settings.id}"
+              "https://www.youtube.com/embed/#{settings.id}"
             when 'vimeo'
               "https://player.vimeo.com/video/#{settings.id}"
       # coffeelint: enable=indentation
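Review bot: `settings.id` is interpolated into the embed URL unescaped on the new line, so unless the id is restricted to YouTube's `[A-Za-z0-9_-]` alphabet before it reaches this controller, a value containing `/`, `?` or `#` can move the iframe to a different path or append query parameters on youtube.com; the host-only CSP `frame-src` added in this commit bounds the host, not the path. Encoding the id in both branches closes that without altering the URL for well-formed ids: `"https://www.youtube.com/embed/#{encodeURIComponent settings.id}"` and `"https://player.vimeo.com/video/#{encodeURIComponent settings.id}"`. Where `settings` is validated is not visible here — if the knowledge-base editor already whitelists the id format on save, this is defence in depth. The `switch` has no `else`, so an unknown provider leaves `url` undefined; how that is handled, like the rest of the enclosing method, lies outside the hunk.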

+ 1 - 1
app/helpers/knowledge_base_rich_text_helper.rb

@@ -38,7 +38,7 @@ module KnowledgeBaseRichTextHelper
 
       url = case settings[:provider]
             when 'youtube'
-              "http://www.youtube.com/embed/#{settings[:id]}"
+              "https://www.youtube.com/embed/#{settings[:id]}"
             when 'vimeo'
               "https://player.vimeo.com/video/#{settings[:id]}"
             end
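Review bot: The new line still builds the `src` by interpolating `settings[:id]` verbatim, so an id carrying `/`, `?` or `#` can change the embed path or query on the allowed host; `frame-src` only pins the origin. `ERB::Util.url_encode` is a no-op for the `[A-Za-z0-9_-]` video-id alphabet and neutralises anything else: `"https://www.youtube.com/embed/#{ERB::Util.url_encode(settings[:id])}"` (and the same for the Vimeo branch). Whether the id is validated when the answer is saved is not visible in this hunk, so treat this as a hardening suggestion rather than a confirmed hole. This `case` duplicates the provider-to-URL mapping in `reader_controller.coffee`, and this very commit shows how the two drift; a single server-side mapping exposed to the client would avoid a third copy of the fix. The `url` variable's consumer and the enclosing method's boundaries are outside the hunk.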

+ 1 - 0
config/initializers/content_security_policy.rb

@@ -35,6 +35,7 @@ Rails.application.config.content_security_policy do |policy|
   policy.object_src  :none
   policy.script_src  :self, :unsafe_eval, :unsafe_inline, :strict_dynamic
   policy.style_src   :self, :unsafe_inline
+  policy.frame_src   'www.youtube.com', 'player.vimeo.com'
 end
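Review bot: The new `frame_src` entries carry no scheme, so on an instance served over plain HTTP the directive also admits `http://www.youtube.com` and `http://player.vimeo.com` frames, while the companion hunks now hard-code https; pinning the scheme keeps the policy and the generated URLs consistent: `policy.frame_src 'https://www.youtube.com', 'https://player.vimeo.com'`. Once `frame_src` is set it no longer falls back to `child_src`/`default_src`, so it is now the complete allow-list for iframes — if the app embeds anything from its own origin, `:self` would have to be added here, which this hunk does not show. `frame_src` governs what this page may embed and does nothing against clickjacking; that remains `frame_ancestors`, untouched by this commit.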
 
 # If you are using UJS then enable automatic nonce generation

+ 1 - 1
spec/system/knowledge_base/locale/answer/edit_spec.rb

@@ -43,7 +43,7 @@ RSpec.describe 'Knowledge Base Locale Answer Edit', type: :system, authenticated
       visit "#knowledge_base/#{knowledge_base.id}/locale/#{primary_locale.system_locale.locale}/answer/#{published_answer_with_video.id}"
 
       iframe = find('iframe')
-      expect(iframe['src']).to start_with('http://www.youtube.com/embed/')
+      expect(iframe['src']).to start_with('https://www.youtube.com/embed/')
     end
   end
 end
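Review bot: The updated assertion still pins only the URL prefix, so the spec would keep passing if the video id after `/embed/` were dropped, doubled or mangled; asserting the full value is a stronger check: `expect(iframe['src']).to eq("https://www.youtube.com/embed/#{video_id}")`, with `video_id` being whatever the `published_answer_with_video` fixture stores — that fixture is not visible here.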

+ 1 - 1
spec/system/knowledge_base_public/answer_spec.rb

@@ -13,7 +13,7 @@ RSpec.describe 'Public Knowledge Base answer', type: :system, authenticated: fal
       visit help_answer_path(primary_locale.system_locale.locale, category, published_answer_with_video)
 
       iframe = find('iframe')
-      expect(iframe['src']).to start_with('http://www.youtube.com/embed/')
+      expect(iframe['src']).to start_with('https://www.youtube.com/embed/')
     end
   end
 end
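Review bot: As in the locale spec, the new line only checks `start_with`, so a regression that emits an empty or wrong id after `/embed/` would not be caught on the public page either; comparing against the exact expected `src` (e.g. `eq("https://www.youtube.com/embed/#{video_id}")`, with `video_id` taken from the `published_answer_with_video` fixture, which is outside this hunk) pins the behaviour the commit intends.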